Here’s a breach description that sounds a lot like the one I just posted from Dakota County, MN. Questcare Medical Services announced Friday that it is addressing a security incident that involved the personal information of patients in the Dallas/Fort Worth/Arlington area. Questcare said in a statement that it has begun an internal investigation, notified…
Blue Cross of Idaho Notice of Privacy Breach
Boise, Idaho (April 12, 2019) – Blue Cross of Idaho Health Service, Inc. (“Blue Cross of Idaho”) is providing notice to certain members of a recent incident involving protected health information (“PHI”) which qualifies as privacy breach. On March 21, 2019, an unauthorized user accessed Blue Cross of Idaho’s online provider portal with the intent…
UT fired counselor accused of disclosing student’s PTSD
Sarah Elms reports: A University of Toledo counselor accused of improperly disclosing a student’s personal health information has been fired. University officials on Dec. 18, 2018, notified Mychail Scheramic that his employment would be terminated at close of business March 18. He was hired in 2017 as the university’s counseling center director and was paid…
MN: Dakota County Notifies 1,000 Clients After Employee Email Account Hacked
HASTINGS, Minn., April 12, 2019 /PRNewswire/ –Dakota County has become aware of a data security incident that involved protected health information maintained by the Dakota County Social Services Department. Dakota County has sent notification letters to the potentially impacted individuals to notify them of this incident and to provide resources to assist them. On February…
MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine
Marianne Kolbasuk McGee reports: The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches involving unencrypted devices was unlawful. In the complaint filed Tuesday in a Texas federal court,…
Patients at an Ohio rehab hospital were notified of breach. Was that breach part of a coordinated attack on Ernest Health hospitals?
Lauren Lindstrom reports: An undisclosed number of patients at the Rehabilitation Hospital of Northwest Ohio had their personal data compromised after “unauthorized access” to employee email accounts in October, hospital officials said. Patient data, including names, Social Security numbers, driver’s license information, dates of birth, and health insurance and patient care information, was contained in…